https://sourceforge.net/projects/sentrytools/

[root@localhost ~]# tar -xzvf portsentry-1.2.tar.gz
[root@localhost ~]# cd portsentry_beta/
[root@localhost portsentry_beta]# ls
CHANGES portsentry.c portsentry_io.c README.COMPAT
CREDITS portsentry.conf portsentry_io.h README.install
ignore.csh portsentry_config.h portsentry_tcpip.h README.methods
LICENSE portsentry.h portsentry_util.c README.stealth
Makefile portsentry.ignore portsentry_util.h
[root@localhost portsentry_beta]# make
Usage: make <systype>
<systype> is one of: linux, debian-linux, bsd, solaris, hpux, hpux-gcc,
freebsd, osx, openbsd, netbsd, bsdi, aix, osf, irix, generic This code requires snprintf()/vsnprintf() system calls
to work. If you run a modern OS it should work on
your system with 'make generic'. If you get it to
work on an unlisted OS please write us with the
changes. Install: make install NOTE: This will install the package in this
directory: /usr/local/psionic Edit the makefile if you wish to change these paths.
Any existing files will be overwritten.
[root@localhost portsentry_beta]# make install
Creating psionic directory /usr/local/psionic
Setting directory permissions
Creating portsentry directory /usr/local/psionic/portsentry
Setting directory permissions
chmod /usr/local/psionic/portsentry
Copying files
cp ./portsentry.conf /usr/local/psionic/portsentry
cp ./portsentry.ignore /usr/local/psionic/portsentry
cp ./portsentry /usr/local/psionic/portsentry
cp: cannot stat `./portsentry': No such file or directory
make: *** [install] Error [root@localhost portsentry_beta]# make linux
SYSTYPE=linux
Making
cc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \
./portsentry_io.c ./portsentry_util.c
./portsentry.c: In function ‘PortSentryModeTCP’:
./portsentry.c:: warning: pointer targets in passing argument of ‘accept’ differ in signedness
/usr/include/sys/socket.h:: note: expected ‘socklen_t * __restrict__’ but argument is of type ‘int *’
./portsentry.c: In function ‘PortSentryModeUDP’:
./portsentry.c:: warning: pointer targets in passing argument of ‘recvfrom’ differ in signedness
/usr/include/sys/socket.h:: note: expected ‘socklen_t * __restrict__’ but argument is of type ‘int *’
./portsentry.c::: warning: missing terminating " character
./portsentry.c: In function ‘Usage’:
./portsentry.c:: error: missing terminating " character
./portsentry.c:: error: ‘sourceforget’ undeclared (first use in this function)
./portsentry.c:: error: (Each undeclared identifier is reported only once
./portsentry.c:: error: for each function it appears in.)
./portsentry.c:: error: expected ‘)’ before ‘dot’
./portsentry.c:: error: stray ‘\’ in program
./portsentry.c::: warning: missing terminating " character
./portsentry.c:: error: missing terminating " character
./portsentry.c:: error: expected ‘;’ before ‘}’ token
./portsentry_io.c: In function ‘ConfigTokenRetrieve’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c: In function ‘IsBlocked’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c: In function ‘SubstString’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
make: *** [linux] Error

解决方法 把portsentry.c中代“将带有Copyright 1997-2003字样的那行调整为一行即可”:

调整后如下:

[root@localhost portsentry_beta]# make linux
SYSTYPE=linux
Making
cc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \
./portsentry_io.c ./portsentry_util.c
./portsentry.c: In function ‘PortSentryModeTCP’:
./portsentry.c:: warning: pointer targets in passing argument of ‘accept’ differ in signedness
/usr/include/sys/socket.h:: note: expected ‘socklen_t * __restrict__’ but argument is of type ‘int *’
./portsentry.c: In function ‘PortSentryModeUDP’:
./portsentry.c:: warning: pointer targets in passing argument of ‘recvfrom’ differ in signedness
/usr/include/sys/socket.h:: note: expected ‘socklen_t * __restrict__’ but argument is of type ‘int *’
./portsentry_io.c: In function ‘ConfigTokenRetrieve’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c: In function ‘IsBlocked’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
./portsentry_io.c: In function ‘SubstString’:
./portsentry_io.c:: warning: cast from pointer to integer of different size
[root@localhost portsentry_beta]# make install
Creating psionic directory /usr/local/psionic
Setting directory permissions
Creating portsentry directory /usr/local/psionic/portsentry
Setting directory permissions
chmod 700 /usr/local/psionic/portsentry
Copying files
cp ./portsentry.conf /usr/local/psionic/portsentry
cp ./portsentry.ignore /usr/local/psionic/portsentry
cp ./portsentry /usr/local/psionic/portsentry
Setting permissions
chmod 600 /usr/local/psionic/portsentry/portsentry.ignore
chmod 600 /usr/local/psionic/portsentry/portsentry.conf
chmod 700 /usr/local/psionic/portsentry/portsentry Edit /usr/local/psionic/portsentry/portsentry.conf and change
your settings if you haven't already. (route, etc) WARNING: This version and above now use a new
directory structure for storing the program
and config files (/usr/local/psionic/portsentry).
Please make sure you delete the old files when
the testing of this install is complete.

安装路径为:

[root@localhost portsentry_beta]# tree  /usr/local/psionic/
/usr/local/psionic/
└── portsentry
├── portsentry
├── portsentry.conf
└── portsentry.ignore 1 directory, 3 files

PortSentry的配置

1:通过PortSentry.conf

# Un-comment these if you are really anal:
#TCP_PORTS="1,7,9,11,15,70,79,80,109,110,111,119,138,139,143,512,513,514,515,540,635,1080,1524,2000,2001,4000,4001,5742,6000,6001,6667,12345,12346,20034,27665,30303,32771,32772,32773,32774,31337,40421,40425,49724,54320"
#UDP_PORTS="1,7,9,66,67,68,69,111,137,138,161,162,474,513,517,518,635,640,641,666,700,2049,31335,27444,34555,32770,32771,32772,32773,32774,31337,54321"
#
# Use these if you just want to be aware:
TCP_PORTS="1,11,15,79,111,119,143,540,635,1080,1524,2000,5742,6667,12345,12346,20034,27665,31337,32771,32772,32773,32774,40421,49724,54320"
UDP_PORTS="1,7,9,69,161,162,513,635,640,641,700,37444,34555,31335,32770,32771,32772,32773,32774,31337,54321"
#
# Use these for just bare-bones
#TCP_PORTS="1,11,15,110,111,143,540,635,1080,1524,2000,12345,12346,20034,32771,32772,32773,32774,49724,54320"
#UDP_PORTS="1,7,9,69,161,162,513,640,700,32770,32771,32772,32773,32774,31337,54321"

通过portSentry进行入侵检,首先制定要监视的端口清单和相应的阻止对策。然后启动后台进程对这些端口进行检测,一旦发现有人扫描这些端口,以及相应的对策进行阻拦。

通过portentry.conf中关于端口默认配置情况:

一般有意开放的端口是不需要监控的,如果web服务器的80端口!!!!!

在portsentry.conf中自动配置了许多文件如下:

###########################################
# Advanced Stealth Scan Detection Options #
###########################################
#
# This is the number of ports you want PortSentry to monitor in Advanced mode.
# Any port *below* this number will be monitored. Right now it watches
# everything below .
#
# On many Linux systems you cannot bind above port . This is because
# these ports are used as part of IP masquerading. I don't recommend you
# bind over this number of ports. Realistically: I DON'T RECOMMEND YOU MONITOR
# OVER PORTS AS YOUR FALSE ALARM RATE WILL ALMOST CERTAINLY RISE. You've been
# warned! Don't write me if you have have a problem because I'll only tell
# you to RTFM and don't run above the first 1024 ports.
#
#
ADVANCED_PORTS_TCP=""
ADVANCED_PORTS_UDP=""
#这表明,1~1024的所有端口将被监视
# This field tells PortSentry what ports (besides listening daemons) to
# ignore. This is helpful for services like ident that services such
# as FTP, SMTP, and wrappers look for but you may not run (and probably
# *shouldn't* IMHO).
#
# By specifying ports here PortSentry will simply not respond to
# incoming requests, in effect PortSentry treats them as if they are
# actual bound daemons. The default ports are ones reported as
# problematic false alarms and should probably be left alone for
# all but the most isolated systems/networks.
#但监视高端口号会引起更多的误报,可以通下面参数排除出错的端口
# Default TCP ident and NetBIOS service
ADVANCED_EXCLUDE_TCP="111,113,139" #默认请况,使用tcp(111,113,139)的ident和NetBIOS服务以及UDP(520,138,137,67)route,NetBIOS和Bootp服务将被排除在高级扫描之外。
# Default UDP route (RIP), NetBIOS, bootp broadcasts.
ADVANCED_EXCLUDE_UDP="520,138,137,67" ######################
######################
# Configuration Files#
######################
#
# Hosts to ignore#记录允许合法扫描服务器的主机地址
IGNORE_FILE="/usr/local/psionic/portsentry/portsentry.ignore"
# Hosts that have been denied (running history)#入侵主机的IP历史记录
HISTORY_FILE="/usr/local/psionic/portsentry/portsentry.history"
# Hosts that have been denied this session only (temporary until next restart)#被阻止连接主机的ip记录
BLOCKED_FILE="/usr/local/psionic/portsentry/portsentry.blocked"

设置路由重定向:

# Generic
#KILL_ROUTE="/sbin/route add $TARGET$ 333.444.555.666" # Generic Linux
KILL_ROUTE="/sbin/route add -host $TARGET$ gw 333.444.555.666" # Newer versions of Linux support the reject flag now. This
# is cleaner than the above option.
#KILL_ROUTE="/sbin/route add -host $TARGET$ reject" # Generic BSD (BSDI, OpenBSD, NetBSD, FreeBSD)
#KILL_ROUTE="/sbin/route add $TARGET$ 333.444.555.666"
#把数据包重定向到一个未知的主机,使这无法获取信息

我们还可以利用linux中的iptables命令,可以切断攻主机的连接:

# iptables support for Linux
KILL_ROUTE="/usr/local/bin/iptables -I INPUT -s $TARGET$ -j DROP"
#
# For those of you running FreeBSD (and compatible) you can

可以直热门把攻击者的ip记录到/etc/hosts.deny文件中,利用TCP_Wrappers保护机制来防止攻击

###############
# TCP Wrappers#
###############
# This text will be dropped into the hosts.deny file for wrappers
# to use. There are two formats for TCP wrappers:
#
# Format One: Old Style - The default when extended host processing
# options are not enabled.
#
KILL_HOSTS_DENY="ALL: $TARGET$" # Format Two: New Style - The format used when extended option
# processing is enabled. You can drop in extended processing
# options, but be sure you escape all '%' symbols with a backslash
# to prevent problems writing out (i.e. \%c \%h )
#
#KILL_HOSTS_DENY="ALL: $TARGET$ : DENY"

系统默认是利用TCP_Wrappers来切断与主机之间的连接

改变完毕后,改变文件的权限,以保证其安全。

/usr/psionic/portentry/portsentry.ignore文件中设置portsentry忽略主机ip,限允许合法扫描的主机地址一面是配置情况:

[root@localhost portsentry]# cat portsentry.ignore
# Put hosts in here you never want blocked. This includes the IP addresses
# of all local interfaces on the protected host (i.e virtual host, mult-home)
# Keep 127.0.0.1 and 0.0.0.0 to keep people from playing games.
#
# PortSentry can support full netmasks for networks as well. Format is:
#
# <IP Address>/<Netmask>
#
# Example:
#
# 192.168.2.0/
# 192.168.0.0/
# 192.168.2.1/
# Etc.
#
# If you don't supply a netmask it is assumed to be 32 bits.
#
# 127.0.0.1/
0.0.0.0
#Exclude all local interfaces
127.0.0.1

记得带上本机地址

portsentry启动检测模试。对应tcp和udp两种协议方式,portsentry分别有三种启动模式,即基本 秘密和高级秘密扫描检测模式,合计6种模式。

[root@localhost portsentry]# ls
portsentry portsentry.conf portsentry.ignore
[root@localhost portsentry]# pwd
/usr/local/psionic/portsentry
[root@localhost portsentry]# ./portsentry -h
PortSentry - Port Scan Detector.
Copyright - Craig H. Rowland <craigrowland at users dot sourceforget dot net>
Licensing restrictions apply. Please see documentation
Version: 1.2 usage: portsentry [-tcp -udp -stcp -atcp -sudp -audp] *** PLEASE READ THE DOCS BEFORE USING *** [root@localhost portsentry]# ./portsentry -stcp

portsentry -tcp ---->TCP的基本端口绑定模式

portsentry -udp --->UDP的基本端口绑定模式

portsentry -stcp --->TCP的秘密扫描模式

portsentry -sudp --->UDP的秘密扫描检测模式

portsentry -atcp ---->TCP的高级秘密扫描检测模式

portsentry audp ----->UDP的高级秘密扫描检测

使用高级秘密扫描检测模式(Advanced Stealth Scan Detection Mode),PortSentry会自动检查服务器上正在运行的端口,然后把这些端口,从配置文件中移去,只监控其它的端口。

启动portSentry的命令:

[root@localhost portsentry]# /usr/local/psionic/portsentry/portsentry -atcp
[root@localhost portsentry]# cat /etc/rc.d/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
#
touch /var/lock/subsys/local
/usr/local/psionic/portsentry/portsentry -atcp
[root@localhost portsentry]# ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP qlen
link/ether :::b3:: brd ff:ff:ff:ff:ff:ff
inet 10.100.2.119/ brd 10.100.2.255 scope global eth0
inet6 fe80:::ff:feb3:/ scope link
valid_lft forever preferred_lft forever
[root@localhost portsentry]# netstat -lnutp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0.0.0.0: 0.0.0.0:* LISTEN /sshd
tcp 127.0.0.1: 0.0.0.0:* LISTEN /master
tcp ::: :::* LISTEN /sshd
tcp ::: :::* LISTEN /master
udp 0.0.0.0: 0.0.0.0:* /dhclient

进行扫描:

[root@ok Safety]# nmap -sS 10.100.2.119

Starting Nmap 5.51 ( http://nmap.org ) at 2016-10-21 21:35 CST
Nmap scan report for 10.100.2.119
Host is up (.00060s latency).
Not shown: filtered ports
PORT STATE SERVICE
/tcp open ssh
/tcp closed http
/tcp closed http-proxy
MAC Address: :::B3:: (QEMU Virtual NIC) Nmap done: IP address ( host up) scanned in 5.19 seconds

查看系统日志:

[root@localhost portsentry]# tail -f /var/log/messages
Oct :: localhost portsentry[]: adminalert: Advanced mode will manually exclude port:
Oct :: localhost portsentry[]: adminalert: Advanced mode will manually exclude port:
Oct :: localhost portsentry[]: adminalert: Advanced Stealth scan detection mode activated. Ignored TCP port:
Oct :: localhost portsentry[]: adminalert: Advanced Stealth scan detection mode activated. Ignored TCP port:
Oct :: localhost portsentry[]: adminalert: Advanced Stealth scan detection mode activated. Ignored TCP port:
Oct :: localhost portsentry[]: adminalert: Advanced Stealth scan detection mode activated. Ignored TCP port:
Oct :: localhost portsentry[]: adminalert: PortSentry is now active and listening.
Oct :: localhost portsentry[]: attackalert: TCP SYN/Normal scan from host: 10.100.2.14/10.100.2.14 to TCP port:
Oct :: localhost portsentry[]: attackalert: Host 10.100.2.14 has been blocked via wrappers with string: "ALL: 10.100.2.14"
Oct :: localhost portsentry[]: attackalert: Host 10.100.2.14 has been blocked via dropped route using command: "/sbin/route add -host 10.100.2.14 gw 333.444.555.666"

看到ip记录在文件中了

[root@localhost portsentry]# cat portsentry.blocked.atcp
- // :: Host: 10.100.2.14/10.100.2.14 Port: TCP Blocked
[root@localhost portsentry]# cat portsentry.blocked.stcp
[root@localhost portsentry]# cat portsentry.history
- // :: Host: 10.100.2.14/10.100.2.14 Port: TCP Blocked
[root@localhost portsentry]# pwd
/usr/local/psionic/portsentry
[root@localhost portsentry]# ls
portsentry portsentry.blocked.atcp portsentry.blocked.stcp portsentry.conf portsentry.history portsentry.ignore

查看一下/etc/hoosts.deny,发现如下恶意ip:

[root@localhost portsentry]# cat /etc/hosts.deny
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
ALL: 10.100.2.14
[root@localhost portsentry]#

再次ssh 不能连接成功!!!!

[root@ok ok]# ssh 10.100.2.119 -v
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.100.2.119 [10.100.2.119] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
ssh_exchange_identification: Connection closed by remote host

删除/etc/hosts.deny中的ip

[root@ok ok]# ssh 10.100.2.119 -v
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.100.2.119 [10.100.2.119] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
ssh_exchange_identification: Connection closed by remote host
[root@ok ok]# ssh 10.100.2.119 -v
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.100.2.119 [10.100.2.119] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
ssh_exchange_identification: Connection closed by remote host
[root@ok ok]# ssh 10.100.2.119 -v
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.100.2.119 [10.100.2.119] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.
debug1: match: OpenSSH_5. pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(<<) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.100.2.119' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel : new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug1: Sending env LANG = en_US.UTF-
Last login: Thu Oct :: from 10.100.2.14

PortSentry是入侵检测工具中配置最简单、效果最直接的工具之一的更多相关文章

  1. 关于在Intellij IDEA工具中配置热加载问题

    第一步,创建一个maven项目,然后在pom.xml文件中添加依赖(上图内容). 第二步:来到intellij idea主页面,点击File->Settings->Build->co ...

  2. 在eclipse中配置一个简单的spring入门项目

    spring是一个很优秀的基于Java的轻量级开源框架,为了解决企业级应用的复杂性而创建的,spring不仅可用于服务器端开发,从简单性.可测试性和松耦合性的角度,任何java应用程序都可以利用这个思 ...

  3. 自动化运维工具-mussh工具安装配置及简单使用讲解

    1.先决条件: 安装pssh工具的主机针对远程主机需要配置免秘钥认证: ssh-keygen -t rsa ssh-copy-id [remotehost] 2.下载mussh工具安装介质: http ...

  4. 自动化运维工具-pdsh工具安装配置及简单使用讲解

    1.先决条件: 安装pssh工具的主机针对远程主机需要配置免秘钥认证: ssh-keygen -t rsa ssh-copy-id [remotehost] 2.下载pssh工具安装介质: https ...

  5. 自动化运维工具-pssh工具安装配置及简单使用讲解

    1.先决条件:安装pssh工具要求python版本大于2.4即可. 安装pssh工具的主机针对远程主机需要配置免秘钥认证: ssh-keygen -t rsa ssh-copy-id [remoteh ...

  6. imagesLoaded – 检测网页中的图片是否加载

    imagesLoaded 是一个用于来检测网页中的图片是否载入完成的 JavaScript 工具库.支持回调的获取图片加载的进度,还可以绑定自定义事件.可以结合 jQuery.RequireJS 使用 ...

  7. [Android Studio 权威教程]AS 中配置强大的版本号管理系统(Git、SVN、等)

    在Eclipse中加入Git等版本号管理工具须要自己加入插件.并且个人认为不咋好用,在AS中已经给我们集成好了,我们仅仅须要配置一下就OK了.今天就和大家聊聊怎么配置以及使用的要点. 1. 安装Git ...

  8. Idea中配置Tomcat以及运行maven项目

    maven安装和详细配置 提示:下面是Tomcat9.0版本的下载链接,需要其他版本的去官方网站下载. 链接:https://pan.baidu.com/s/1CONf8KVXM4gyJj4pxjFB ...

  9. spring AOP为什么配置了没有效果?

     spring Aop的配置一定要配置在springmvc配置文件中         springMVC.xml 1 <!-- AOP 注解方式 :定义Aspect --> <!-- ...

随机推荐

  1. BZOJ3196——二逼平衡树

    1.题目大意:给你一个序列,有5种操作,都有什么呢... 1> 区间第k小 这个直接用二分+树套树做 2> 区间小于k的有多少 这个直接用树套树做 3> 单点修改 这个直接用树套树做 ...

  2. 表单select相关

    selectedIndex 属性可设置或返回下拉列表中被选选项的索引号. options[] 返回包含下拉列表中的所有选项的一个数组. add()向下拉列表添加一个选项. blur()从下拉列表移开焦 ...

  3. word20161130

    1. even 偶数 [ǒu shù][词典] even; [数] even number;[例句]在本例中,slot A中有奇数个阵列,slot B中有偶数个阵列.In this example, ...

  4. BZOJ 2822: [AHOI2012]树屋阶梯

    Description 求拼成阶梯状的方案数. Sol 高精度+Catalan数. 我们可以把最后一行无线延伸,所有就很容易看出Catalan数了. \(f_n=f_0f_{n-1}+f_1f_{n- ...

  5. 将Apache加入到linux系统service

    将Apache加入到linux系统service 将apache加入到linux系统服务,用service命令来控制apache的启动和停止. 本文由乌合之众瞎写http://www.cnblogs. ...

  6. 为什么要继承ActionSupport?

    struts2中的action可以继承ActionSupport,也可以不继承ActionSupport.不继承ActionSupport的情况只需要有一个方法,返回String,即可,记住,在继承A ...

  7. igbinary vs serialize vs json_encode

    igbinary vs serialize vs json_encode 2010-04-18 @ 23:01:58 · 作者 Volcano · 归类于 php 你可能会感兴趣的内容 关于" ...

  8. NET程序内存分析工具CLRProfiler的使用(性能测试)

    http://blog.csdn.net/wy3552128/article/details/8158938 大家都知道.net有一套自己的内存(垃圾)回收机制,除非有一些数据(方法)长期占有内存不随 ...

  9. ASP.NET 上的 Async/Await 简介

    原文链接 大多数有关 async/await 的在线资源假定您正在开发客户端应用程序,但在服务器上有 async 的位置吗?可以非常肯定地回答“有”.本文是对 ASP.NET 上异步请求的概念性概述, ...

  10. Javascript——Context和Scope的一些学习总结

    1.1.1 摘要 在我们学习Javascript过程中,常常会遇到作用域(Scope)和执行上下文(Context)等概念.其中,执行上下文与this关键字的关系密切. 有面向对象编程经验的各位,对于 ...